In the first of what will be many articles and videos by Brian Wilson as we absorb the content from his site into EH-Net, he offers up his thoughts on the security practices of those that employ automatic updates in their software.

In this paper I would like to bring light to an area of security that most people do not think about or maybe have blind trust in this aspect of security. What I am talking about is software with automatic update functions. Most of us think about Windows when you hear the term "Auto-Update," but there are a lot of different kinds of software that have auto-updates and some times it is enabled without your knowledge. Now auto-updates features can be very helpful to non technical users and when it comes to windows or other Operating Systems, it is very important to have your auto-updates features turned on.

Yea I used the example of a game but I have found that like the older Trojan days of free screen savers with extra code there are alot of tools out there (like winbar) that send all kinds of your info back to there master. Just look at the different applications on your PC (winamp, Quick time, Windows, Hamachi, Winbar, IM clients, and many more) and see how many are calling out for no reason with a sniffer. One of the best ways to see this is hook up to and AP that has no real connection to the internet and start sniffing. You will see other that the windows crap (netbios) that there is alot going on behind the seens. I have noticed some of the applications on desktops are going to ports and IP blocks listed in ARIN that are not from companies the software was published from. Just think if you where able to fool some yahoo IM clients to update from your server and you have a nice Trojan in the IM client update. You could build a huge network of computers controlled and ready for bad deeds. I just wanted to hopefully open peoples eyes to the blind trust they put in software they think they can trust.

I think to a large extent we are at the mercy of our vendors, but to use p2p is irresponsible and should not happen. I remember for a while (and possibly it still happens) that testing patches (primarily speaking of windows) was the mantra, but as things have advanced and IT staff are forced to handle more responsibilities testing (at least for a lot of us) is not an option. Everytime I do my updates, I sweat a little hoping that nothing crashes, but that has become par for the course.

For anyone that wants to combat phoning home (and unauthorized installs) use SpyBot, http://www.spybot.info.&nbsp; With a little tweaking, nothing will be able to install unless you expressly allow it. Yes it is a hassle but well worth it. Spybot allows you to take control of your machine and decide who can and cannot access your machine. DISCLAIMER:Using Spybot to stop phoning home may cause your machine to stop functioning properly, before using SpyBot make certain you have a good backup of your registry (part of the initial install).